package cqie.personal.frame.interceptor;

import com.auth0.jwt.exceptions.InvalidClaimException;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.exceptions.TokenExpiredException;
import cqie.personal.frame.enums.Code;
import cqie.personal.frame.util.JwtUtil;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


public class TokenInterceptor implements HandlerInterceptor {


    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
        String uri = request.getRequestURI();
        //获取token
        String token = request.getHeader("token");
        //解析toke，获取用户信息
        /*可能的报错信息
         * - SignatureVerificationException : 签名不一致异常
         * - TokenExpiredException: 令牌过期异常
         * - AlgorithmMismatchException: 算法不匹配异常
         * - InvalidClaimException: 失效的payload异常
         */
        try {
            JwtUtil.SelectToken(token);
        } catch (InvalidClaimException | NullPointerException e) {
            System.out.println("拦截来自 " + uri + " 的无效token");
            //response.sendRedirect("/Welcome/toLogin");
            throw new JWTVerificationException(Code.USER_LOGIN_INVALID_TOKEN.getMessage());
        }
        return true;
    }

}
